pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
104.18.3.35 200 OK 12 kB URL User Request GET HTTP/1.1 pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
IP 104.18.3.35:443
Certificate Issuer Let's Encrypt
Subject *.r2.dev
Fingerprint 87:5C:76:14:05:03:7E:AD:00:B9:80:0B:3F:E7:E3:25:D8:A5:4C:03
Validity Mon, 17 Apr 2023 14:40:35 GMT - Sun, 16 Jul 2023 14:40:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (4295), with CRLF line terminators
Hash 2d5d4bf2825809ad33cec4ad6cb89dfd
bda7ab1ba9d1895743de54f9d61c5e9eb02abdd3
81a5da4538e78adaec494715fe55a1e3ec7260e67de1581c0803d800049b254a
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious Javascript code
urlquery suspicious Suspicious - Suspicious Javascript code
openphish PayPal Inc.
GET /paypal.html HTTP/1.1
Host: pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 23:52:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"2d5d4bf2825809ad33cec4ad6cb89dfd"
Last-Modified: Wed, 03 May 2023 21:24:40 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1bd9873b77b521-OSL
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0affd42f3b881bc89a46594868663e52
03ca33c099bbc747c00360101c6ca6e21810aa07
1a1eb9e073803bd3864fdc023b727bcdd97df9074a2b8a657769da4a8b858d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 23:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
216.58.211.10 200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 216.58.211.10:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 08:55:57 GMT
expires: Thu, 30 May 2024 08:55:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 312989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
151.101.194.133 200 OK 37 kB URL GET HTTP/2 www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (54795)
Hash b5649a8725b846bd2cf93673a6272eb5
c12d59fba90401142b9b4c2ef4401e4b6d3b0d3a
fb0e64eab95d98cc465fac8fcfaac70aa3611fbd252f04cf20984d27392bec0d
GET /web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: x-csrf-token
content-encoding: br
content-type: text/css
etag: W/"641cdaea-43483"
expires: Wed, 08 May 2024 07:38:13 GMT
last-modified: Thu, 23 Mar 2023 23:04:10 GMT
paypal-debug-id: 9492d8bdd4c0f
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009492d8bdd4c0f-d3a09225c40e99e4-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc10021-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 3456, 1
x-timer: S1685836346.320439,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 37338
X-Firefox-Spdy: h2
pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/jquery-3.2.1.min.js
104.18.3.35 404 Not Found 6.5 kB URL GET HTTP/1.1 pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/jquery-3.2.1.min.js
IP 104.18.3.35:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer Let's Encrypt
Subject *.r2.dev
Fingerprint 87:5C:76:14:05:03:7E:AD:00:B9:80:0B:3F:E7:E3:25:D8:A5:4C:03
Validity Mon, 17 Apr 2023 14:40:35 GMT - Sun, 16 Jul 2023 14:40:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611)
Hash df3d48946e8d3f5a83608308edbb4b86
47b9c40c97abf2658df96b1c06109324e15e1a00
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
GET /jquery-3.2.1.min.js HTTP/1.1
Host: pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 03 Jun 2023 23:52:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1bd98bce58b521-OSL
Content-Encoding: gzip
pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/jquery-3.2.1.min.js
104.18.3.35 404 Not Found 6.5 kB URL GET HTTP/1.1 pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/jquery-3.2.1.min.js
IP 104.18.3.35:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer Let's Encrypt
Subject *.r2.dev
Fingerprint 87:5C:76:14:05:03:7E:AD:00:B9:80:0B:3F:E7:E3:25:D8:A5:4C:03
Validity Mon, 17 Apr 2023 14:40:35 GMT - Sun, 16 Jul 2023 14:40:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611)
Hash df3d48946e8d3f5a83608308edbb4b86
47b9c40c97abf2658df96b1c06109324e15e1a00
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
GET /jquery-3.2.1.min.js HTTP/1.1
Host: pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 03 Jun 2023 23:52:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1bd98dcfddb521-OSL
Content-Encoding: gzip
www.paypalobjects.com/images/checkout/hermes/sprite_logos_wallet_v10_1x.png
151.101.194.133 200 OK 12 kB URL GET HTTP/2 www.paypalobjects.com/images/checkout/hermes/sprite_logos_wallet_v10_1x.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 31 x 900, 8-bit/color RGBA, non-interlaced\012- data
Hash 2460f4a48278f06494a9ada58cf41e80
d6041a9eb2c2642efd8115be9d4012c4129cc4ed
0b175b8e12a2422c1fb98456cd5dd4f84d3eb93a01c2f98abe0d6a77d8563a96
GET /images/checkout/hermes/sprite_logos_wallet_v10_1x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "z5uc33NEPq8GNqry7ZncZM5bZ+nPY8PDYX0tw48H1YI"
fastly-io-info: ifsz=11637 idim=31x900 ifmt=png ofsz=11637 odim=31x900 ofmt=png
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
paypal-debug-id: 74e7f939a7a17
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000074e7f939a7a17-4cd3d72f5790b988-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc1000134-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 195, 1
x-timer: S1685836347.732838,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 11637
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/sprite_forms_1x.png
151.101.194.133 200 OK 15 kB URL GET HTTP/2 www.paypalobjects.com/images/shared/sprite_forms_1x.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 40 x 8000, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ddef426217a18091ac93a73c6e5e8e5
32cd44de06853b03841411814305fae142dbc306
1a11b5fece8c057aaa6fdcbb113912ada810127d6056d7518812425f1d0859eb
GET /images/shared/sprite_forms_1x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "6nF3nu1/r1WsmFaQW8StHFxH4mBN4SoIdqmFqeTRxn0"
fastly-io-info: ifsz=14656 idim=40x8000 ifmt=png ofsz=14656 odim=40x8000 ofmt=png
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
paypal-debug-id: b6ded48b1dd57
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b6ded48b1dd57-30173f2f53c224e0-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc10083-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 9395, 1
x-timer: S1685836347.739324,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 14656
X-Firefox-Spdy: h2
www.paypalobjects.com/images/checkout/hermes/scr_vp_fprd_shield_bags.png
151.101.194.133 200 OK 3.0 kB URL GET HTTP/2 www.paypalobjects.com/images/checkout/hermes/scr_vp_fprd_shield_bags.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 206 x 93, 8-bit colormap, non-interlaced\012- data
Hash 60775da211b2a28ab081b757d8f9ae72
0b5edb1f0397e572fe1dba5003146ac20cbec7f5
156e258a495a63275b069120c11f94ac292f5eea950b80ce93eff4c42d3d2753
GET /images/checkout/hermes/scr_vp_fprd_shield_bags.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "BHFXpgvkCENajSY/b3neaHgBf0iZOYp8HjkySe3wEXs"
fastly-io-info: ifsz=2986 idim=206x93 ifmt=png ofsz=2986 odim=206x93 ofmt=png
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
paypal-debug-id: a468c26cbf0e7
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a468c26cbf0e7-4140a0a1f163c37a-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc10083-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 2747, 1
x-timer: S1685836347.745582,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 2986
X-Firefox-Spdy: h2
www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
151.101.194.133 200 OK 23 kB URL GET HTTP/2 www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 250 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash 492e9d9e456d5059927a286fb5764e90
5a0b5d3895beff02744dc072977884b7ae2581f3
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc
GET /images/checkout/hermes/hermes_window_sprite_v16.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/6c9/f8e157a9463713ebc4806df66bb2b/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "Xris8iur2VRO/Peul+zk8uvu70Rm+4ElpncZF/Gltc8"
fastly-io-info: ifsz=23268 idim=250x350 ifmt=png ofsz=23268 odim=250x350 ofmt=png
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
paypal-debug-id: aab79f952154e
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000aab79f952154e-815c6b8190727197-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc1000147-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 3382, 1
x-timer: S1685836347.751754,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 23268
X-Firefox-Spdy: h2
pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/...
104.18.3.35 404 Not Found 6.5 kB URL GET HTTP/1.1 pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/...
IP 104.18.3.35:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer Let's Encrypt
Subject *.r2.dev
Fingerprint 87:5C:76:14:05:03:7E:AD:00:B9:80:0B:3F:E7:E3:25:D8:A5:4C:03
Validity Mon, 17 Apr 2023 14:40:35 GMT - Sun, 16 Jul 2023 14:40:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (611)
Hash df3d48946e8d3f5a83608308edbb4b86
47b9c40c97abf2658df96b1c06109324e15e1a00
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
GET /... HTTP/1.1
Host: pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 03 Jun 2023 23:52:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1bd98f1934b521-OSL
Content-Encoding: gzip
www.paypalobjects.com/webstatic/icon/pp196.png
151.101.194.133 200 OK 3.8 kB URL GET HTTP/2 www.paypalobjects.com/webstatic/icon/pp196.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Hash ed31bc434b32c89992df3f22f61ca1ec
703347f96597b3c8256be706251d3a7d4684b4c4
c4c1145f22e1dfb0babc27a92d0926a8ff150dd4be4b2b64da67d904e79c829a
GET /webstatic/icon/pp196.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "uOyLz8kMZBJJN3W8u7m7SVs+QXRHmMApjJ9SRQPF0L4"
fastly-io-info: ifsz=6295 idim=196x196 ifmt=png ofsz=3800 odim=196x196 ofmt=png
fastly-stats: io=1
paypal-debug-id: baf540c96b7ff
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc10040-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 9862, 1665
x-timer: S1685836347.879595,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 3800
X-Firefox-Spdy: h2
www.paypalobjects.com/webstatic/icon/pp196.png
151.101.194.133 200 OK 3.8 kB URL GET HTTP/2 www.paypalobjects.com/webstatic/icon/pp196.png
IP 151.101.194.133:443
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Certificate Issuer DigiCert Inc
Subject www.paypalobjects.com
Fingerprint E7:CE:1C:73:96:76:25:70:9A:FD:25:2B:AA:87:23:CD:36:B6:58:DC
Validity Thu, 13 Oct 2022 00:00:00 GMT - Mon, 13 Nov 2023 23:59:59 GMT
File type PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Hash ed31bc434b32c89992df3f22f61ca1ec
703347f96597b3c8256be706251d3a7d4684b4c4
c4c1145f22e1dfb0babc27a92d0926a8ff150dd4be4b2b64da67d904e79c829a
GET /webstatic/icon/pp196.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "uOyLz8kMZBJJN3W8u7m7SVs+QXRHmMApjJ9SRQPF0L4"
fastly-io-info: ifsz=6295 idim=196x196 ifmt=png ofsz=3800 odim=196x196 ofmt=png
fastly-stats: io=1
paypal-debug-id: baf540c96b7ff
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 03 Jun 2023 23:52:26 GMT
x-served-by: cache-sjc10040-SJC, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 9862, 1666
x-timer: S1685836347.891903,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 3800
X-Firefox-Spdy: h2
jquery-creditcardvalidator/jquery.creditCardValidator.js
0.0.0.0 0 B URL GET jquery-creditcardvalidator/jquery.creditCardValidator.js
IP 0.0.0.0:0
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery.creditCardValidator.js HTTP/1.1
Host: jquery-creditcardvalidator
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
jquery-3.6.4.min.js/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/paypal.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: jquery-3.6.4.min.js
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ea6271d2ad824a198e91d5818ced20d4.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache